EurekaLog 6.1.01 RC 1 Application: ------------------------------------------------------- 1.1 Start Date : Thu, 5 May 2011 19:05:03 +0300 1.2 Name/Description: SASPlanet.exe 1.3 Version Number : 1.4 Parameters : 1.5 Compilation Date: Mon, 18 Apr 2011 12:52:55 +0300 1.6 Up Time : 1 second Exception: --------------------------------------------------------------------------------------------------------------- 2.1 Date : Thu, 5 May 2011 19:05:04 +0300 2.2 Address : 00401F24 2.3 Module Name : SASPlanet.exe 2.4 Module Version: 2.5 Type : EAccessViolation 2.6 Message : Access violation at address 00401F24 in module 'SASPlanet.exe'. Read of address FFFFFFFC. 2.7 ID : A28A 2.8 Count : 1 2.9 Status : New 2.10 Note : Computer: ------------------------------------------------------------------------------- 5.3 Free Memory : 738 Mb 5.5 Free Disk : 8,37 Gb 5.6 System Up Time: 28 minutes, 20 seconds 5.7 Processor : Intel(R) Pentium(R) Dual CPU T2390 @ 1.86GHz 5.8 Display Mode : 1280 x 800, 32 bit 5.9 Display DPI : 96 5.10 Video Card : NVIDIA GeForce 9300M G (driver 8.17.12.6099 - RAM 256 MB) 5.11 Printer : Microsoft XPS Document Writer (driver 6.0.6002.18005) Operating System: --------------------------------------- 6.1 Type : Microsoft Windows Vista 6.2 Build # : 6002 6.3 Update : Service Pack 2 6.4 Language: Russian 6.5 Charset : 204 Network: --------------------------------------------------------------------- 7.1 IP Address: 000.000.000.000 - 000.000.000.000 - 109.254.087.128 7.2 Submask : 000.000.000.000 - 000.000.000.000 - 255.255.255.000 7.3 Gateway : 000.000.000.000 - 000.000.000.000 - 109.254.087.001 7.4 DNS 1 : 000.000.000.000 - 000.000.000.000 - 109.254.049.011 7.5 DNS 2 : 000.000.000.000 - 000.000.000.000 - 193.108.038.233 7.6 DHCP : ON - ON - ON Call Stack Information: ------------------------------------------------------------------------------------------------------------ |Address |Module |Unit |Class |Procedure/Method |Line | ------------------------------------------------------------------------------------------------------------ |Running Thread: ID=4160; Priority=0; Class=; [Main] | |----------------------------------------------------------------------------------------------------------| |00637A87|SASPlanet.exe|u_MarkCategoryDB.pas |TMarkCategoryDB |LoadCategoriesFromFile|298[3] | |0063ABFD|SASPlanet.exe|u_MarksDb.pas |TMarksDB |ReadConfig |114[2] | |0063ABD0|SASPlanet.exe|u_MarksDb.pas |TMarksDB |ReadConfig |112[0] | |007346BA|SASPlanet.exe|u_GlobalState.pas |TGlobalState |LoadConfig |473[38]| |00734428|SASPlanet.exe|u_GlobalState.pas |TGlobalState |LoadConfig |435[0] | |00801A3B|SASPlanet.exe|SASPlanet.dpr | | |517[11]| |775AD0E7|kernel32.dll | | |BaseThreadInitThunk | | |----------------------------------------------------------------------------------------------------------| | | |Running Thread: ID=4804; Priority=0; Class=TGarbageCollectorThread | |----------------------------------------------------------------------------------------------------------| |776A45CE|ntdll.dll | | |NtDelayExecution | | |775A993E|kernel32.dll | | |SleepEx | | |77561C67|kernel32.dll | | |Sleep | | |77561C5D|kernel32.dll | | |Sleep | | |006240E7|SASPlanet.exe|u_GarbageCollectorThread.pas|TGarbageCollectorThread|Execute |54[11] | |775AD0E7|kernel32.dll | | |BaseThreadInitThunk | | |----------------------------------------------------------------------------------------------------------| |Calling Thread: ID=4160; Priority=0; Class=; [Main] | |----------------------------------------------------------------------------------------------------------| |00624052|SASPlanet.exe|u_GarbageCollectorThread.pas|TGarbageCollectorThread|Create |31[4] | |00623FE4|SASPlanet.exe|u_GarbageCollectorThread.pas|TGarbageCollectorThread|Create |27[0] | |00733DE8|SASPlanet.exe|u_GlobalState.pas |TGlobalState |Create |284[44]| |007339D4|SASPlanet.exe|u_GlobalState.pas |TGlobalState |Create |240[0] | |008019C9|SASPlanet.exe|SASPlanet.dpr | | |508[2] | |775AD0E7|kernel32.dll | | |BaseThreadInitThunk | | ------------------------------------------------------------------------------------------------------------ Modules Information: --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |Handle |Name |Description |Version |Size |Modified |Path | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |00400000|SASPlanet.exe| | |5316096 |2011-04-18 12:52:56|D:\Quest.ENCOUNTER.MQUEST\Все карты установка\SASPlanet | |062A0000|YaTraf.dll | | |17408 |2011-04-12 17:54:18|D:\Quest.ENCOUNTER.MQUEST\Все карты установка\SASPlanet\maps | |6D720000|mzvkbd3.dll |Mozilla 3 Virtual Keyboard |8.0.0.523 |109072 |2009-08-27 12:12:44|C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009 | |72DA0000|wsock32.dll |Windows Socket 32-Bit DLL |6.0.6001.18000 |15360 |2008-01-21 05:23:46|C:\Windows\system32 | |73A70000|winmm.dll |MCI API DLL |6.0.6002.18005 |189952 |2009-04-11 09:28:26|C:\Windows\system32 | |73B10000|olepro32.dll | |6.0.6002.18005 |88576 |2009-04-11 09:28:24|C:\Windows\system32 | |73ED0000|pshook.dll |Punto Switcher hook module |3.1.1.72 |21800 |2010-03-23 15:00:18|C:\Program Files\Yandex\Punto Switcher | |73FA0000|msimg32.dll |GDIEXT Client DLL |6.0.6000.16386 |4608 |2006-11-02 12:46:08|C:\Windows\system32 | |74010000|OLEACC.dll |Active Accessibility Core Component |7.0.6002.18155 |234496 |2009-10-09 00:08:02|C:\Windows\system32 | |74900000|uxtheme.dll |Библиотека тем UxTheme (Microsoft) |6.0.6001.18000 |240128 |2008-01-21 05:23:44|C:\Windows\system32 | |74C70000|comctl32.dll |Библиотека элементов управления взаимодействия с пользователем|6.10.6002.18305 |1686016 |2010-08-31 18:43:54|C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3| |75030000|version.dll |Version Checking and File Installation Libraries |6.0.6002.18005 |20480 |2009-04-11 09:28:26|C:\Windows\system32 | |75350000|mswsock.dll |Расширение поставщика службы API Microsoft Windows Sockets 2.0|6.0.6002.18005 |223232 |2009-04-11 09:28:24|C:\Windows\system32 | |75C70000|PSAPI.DLL |Process Status Helper |6.0.6000.16386 |12288 |2006-11-02 12:46:14|C:\Windows\system32 | |75D10000|USP10.dll |Uniscribe Unicode script processor |1.626.6002.18244|502272 |2010-04-16 19:46:50|C:\Windows\system32 | |75D90000|ole32.dll |Microsoft OLE для Windows |6.0.6002.18277 |1316864 |2010-06-28 20:00:22|C:\Windows\system32 | |75EE0000|oleaut32.dll | |6.0.6002.18005 |563712 |2009-04-11 09:28:24|C:\Windows\system32 | |75FC0000|shell32.dll |Общая библиотека оболочки Windows |6.0.6002.18393 |11586048|2011-01-21 19:35:24|C:\Windows\system32 | |76AE0000|imm32.dll |Multi-User Windows IMM32 API Client DLL |6.0.6002.18005 |114688 |2009-04-11 09:28:22|C:\Windows\system32 | |76B00000|MSCTF.dll |Серверная библиотека MSCTF |6.0.6002.18005 |807424 |2009-04-11 09:28:22|C:\Windows\system32 | |76BD0000|Normaliz.dll |Unicode Normalization DLL |6.0.6000.16386 |2560 |2006-11-02 11:33:08|C:\Windows\system32 | |76BE0000|msvcrt.dll |Windows NT CRT DLL |7.0.6002.18005 |679936 |2009-04-11 09:28:24|C:\Windows\system32 | |76C90000|URLMON.DLL |Расширения OLE32 для Win32 |9.0.8112.16421 |1102336 |2011-03-23 10:30:40|C:\Windows\system32 | |76DA0000|RPCRT4.dll |Библиотека удаленного вызова процедур |6.0.6002.18024 |784896 |2009-04-23 15:15:08|C:\Windows\system32 | |76E70000|NSI.dll |NSI User-mode interface DLL |6.0.6001.18000 |8192 |2008-01-21 05:24:48|C:\Windows\system32 | |76F10000|LPK.DLL |Language Pack |6.0.6002.18051 |23552 |2009-06-15 17:52:44|C:\Windows\system32 | |76F20000|SHLWAPI.dll |Библиотека небольших программ оболочки |6.0.6002.18393 |353280 |2011-01-21 19:35:24|C:\Windows\system32 | |77110000|GDI32.dll |GDI Client DLL |6.0.6002.18005 |297472 |2009-04-11 09:28:20|C:\Windows\system32 | |77160000|USER32.dll |Многопользовательская библиотека клиента USER API Windows |6.0.6002.18005 |627712 |2009-04-11 09:28:26|C:\Windows\system32 | |77200000|iertutil.dll |Run time utility for Internet Explorer |9.0.8112.16421 |1785344 |2011-03-23 10:30:40|C:\Windows\system32 | |773C0000|comdlg32.dll |Библиотека общих диалоговых окон |6.0.6002.18005 |450560 |2009-04-11 09:28:20|C:\Windows\system32 | |77440000|WININET.dll |Расширения Интернета для Win32 |9.0.8112.16421 |1126912 |2011-03-23 10:30:40|C:\Windows\system32 | |77560000|kernel32.dll |Библиотека клиента Windows NT BASE API |6.0.6002.18005 |891392 |2009-04-11 09:28:22|C:\Windows\system32 | |77640000|ntdll.dll |Системная библиотека NT |6.0.6002.18327 |1205080 |2010-10-15 16:49:00|C:\Windows\system32 | |77770000|imagehlp.dll |Windows NT Image Helper |6.0.6001.18000 |153088 |2008-01-21 05:24:08|C:\Windows\system32 | |777A0000|ADVAPI32.dll |Расширенная библиотека API Windows 32 |6.0.6002.18005 |800768 |2009-04-11 09:28:18|C:\Windows\system32 | |77870000|WS2_32.dll |32-разрядная библиотека Windows Socket 2.0 |6.0.6001.18000 |179200 |2008-01-21 05:24:50|C:\Windows\system32 | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Processes Information: ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |ID |Name |Description |Version |Memory|Priority |Threads|Path | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |0 |[System Process] | | |0 | |2 | | |4 |System | | |0 |Normal |135 | | |256 |RtkBtMnt.exe |Realtek HD Audio Data Rerouter |1.0.0.7 |0 |Normal |2 |C:\Users\-urban-\AppData\Local\Temp | |528 |smss.exe |Windows Session Manager |6.0.6002.18005|0 |Above-Normal|4 | | |544 |svchost.exe |Хост-процесс для служб Windows |6.0.6001.18000|0 |Normal |14 | | |596 |csrss.exe |Процесс исполнения клиент-сервер |6.0.6001.18000|0 |High |13 | | |648 |wininit.exe |Автозагрузка приложений Windows |6.0.6001.18000|0 |High |3 | | |656 |csrss.exe |Процесс исполнения клиент-сервер |6.0.6001.18000|0 |High |10 | | |700 |services.exe |Приложение служб и контроллеров |6.0.6002.18005|0 |Normal |5 | | |712 |lsass.exe |Процесс локального администратора безопасности |6.0.6002.18051|0 |Normal |10 | | |720 |lsm.exe |Служба диспетчера локальных сеансов |6.0.6001.18000|0 |Normal |10 | | |800 |NetworkLicenseServer.exe| | |0 |Normal |12 | | |868 |LManager.exe |Launch Manager |2.0.1.1504 |0 |Normal |4 |C:\Program Files\Launch Manager | |876 |IAANTmon.exe | | |0 |Normal |4 | | |880 |svchost.exe |Хост-процесс для служб Windows |6.0.6001.18000|0 |Normal |6 | | |888 |avp.exe | | |0 |Normal |42 | | |936 |nvvsvc.exe |NVIDIA Driver Helper Service, Version 260.99 |8.17.12.6099 |0 |Normal |5 | | |968 |winlogon.exe |Программа входа в систему Windows |6.0.6002.18005|0 |High |3 | | |1012|svchost.exe |Хост-процесс для служб Windows |6.0.6001.18000|0 |Normal |8 | | |1092|svchost.exe |Хост-процесс для служб Windows |6.0.6001.18000|0 |Normal |4 | | |1140|svchost.exe |Хост-процесс для служб Windows |6.0.6001.18000|0 |Normal |17 | | |1176|svchost.exe |Хост-процесс для служб Windows |6.0.6001.18000|0 |Normal |38 | | |1188|svchost.exe |Хост-процесс для служб Windows |6.0.6001.18000|0 |Normal |20 | | |1196|svchost.exe |Хост-процесс для служб Windows |6.0.6001.18000|0 |Normal |44 | | |1264|ApMsgFwd.exe |ApMsgFwd |7.0.0.18 |0 |Normal |2 |C:\Program Files\Apoint2K | |1276|sl1000.exe |Verify App Ver |1.1.0.10 |0 |Normal |11 |C:\Users\-urban-\AppData\Local\TempImages | |1288|audiodg.exe |Изоляция графиков аудиоустройств Windows |6.0.6002.18005|0 |Normal |11 | | |1316|svchost.exe |Хост-процесс для служб Windows |6.0.6001.18000|0 |Normal |5 | | |1340|SLsvc.exe |Служба лицензирования программного обеспечения Майкрософт |6.0.6002.18005|0 |Normal |4 | | |1368|eNet Service.exe | | |0 |Normal |8 | | |1388|svchost.exe |Хост-процесс для служб Windows |6.0.6001.18000|0 |Normal |29 | | |1416|eDSService.exe |Acer eDataSecurity Management Service |3.0.89.5 |0 |Normal |6 | | |1436|plugin-container.exe |Plugin Container for Firefox |2.0.1.4120 |0 |Normal |10 |C:\Program Files\Mozilla Firefox | |1524|eLockServ.exe | | |0 |Normal |8 | | |1680|RtHDVCpl.exe |HD Audio Control Panel |1.0.0.89 |0 |Normal |9 |C:\Windows | |1724|NvXDSync.exe | | |0 |Normal |6 | | |1736|nvvsvc.exe |NVIDIA Driver Helper Service, Version 260.99 |8.17.12.6099 |0 |Normal |5 | | |1780|avp.exe | | |0 |Below-Normal|9 | | |1932|spoolsv.exe |Диспетчер очереди печати |6.0.6002.18294|0 |Normal |16 | | |1968|svchost.exe |Хост-процесс для служб Windows |6.0.6001.18000|0 |Normal |28 | | |1996|LSSrvc.exe | | |0 |Normal |2 | | |2080|MobilityService.exe | | |0 |Normal |5 | | |2124|svchost.exe |Хост-процесс для служб Windows |6.0.6001.18000|0 |Normal |5 | | |2204|svchost.exe |Хост-процесс для служб Windows |6.0.6001.18000|0 |Normal |4 | | |2216|StarWindServiceAE.exe | | |0 |Normal |4 | | |2268|svchost.exe |Хост-процесс для служб Windows |6.0.6001.18000|0 |Normal |7 | | |2288|TeamViewer_Service.exe | | |0 |Normal |6 | | |2412|TUProgSt.exe |TuneUp Program Statistics Service |8.0.3310.3 |0 |Normal |3 | | |2464|svchost.exe |Хост-процесс для служб Windows |6.0.6001.18000|0 |Normal |4 | | |2484|taskeng.exe |Обработчик планировщика заданий |6.0.6002.18342|0 |Normal |17 |C:\Windows\system32 | |2496|firefox.exe |Firefox |2.0.1.4120 |0 |Normal |30 |C:\Program Files\Mozilla Firefox | |2528|SearchIndexer.exe |Индексатор службы Microsoft Windows Search |7.0.6002.18005|0 |Normal |17 | | |2612|XAudio.exe | | |0 |Normal |2 | | |2640|eRecoveryService.exe | | |0 |Normal |9 | | |2664|clip2net.exe | | |0 |Normal |1 |C:\Program Files\Clip2Net | |2696|capuserv.exe | | |0 |Normal |8 | | |2772|ePowerSvc.exe | | |0 |Normal |9 | | |3064|WmiPrvSE.exe |WMI Provider Host |6.0.6002.18005|0 |Normal |4 | | |3076|GoogleCrashHandler.exe | | |0 |Normal |4 | | |3104|ehtray.exe |Media Center Tray Applet |6.0.6001.18000|0 |Normal |2 |C:\Windows\ehome | |3148|WmiPrvSE.exe |WMI Provider Host |6.0.6002.18005|0 |Normal |5 | | |3216|ameisvc.exe | | |0 |Normal |4 | | |3272|ehmsas.exe |Media Center Media Status Aggregator Service |6.0.6001.18000|0 |Normal |3 |C:\Windows\ehome | |3292|unsecapp.exe |Sink to receive asynchronous callbacks for WMI client application|6.0.6002.18005|0 |Normal |3 | | |3740|Dwm.exe |Диспетчер рабочего стола |6.0.6002.18005|0 |Normal |3 |C:\Windows\system32 | |3880|Explorer.EXE |Проводник |6.0.6002.18005|0 |Normal |30 |C:\Windows | |3912|Apntex.exe |Alps Pointing-device Driver for Windows NT/2000/XP/Vista |7.0.1.27 |0 |Normal |3 |C:\Program Files\Apoint2K | |3996|punto.exe |Punto Switcher |3.1.1.72 |0 |Normal |1 |C:\Program Files\Yandex\Punto Switcher | |4000|taskeng.exe |Обработчик планировщика заданий |6.0.6002.18342|0 |Below-Normal|5 | | |4032|Apoint.exe |Alps Pointing-device Driver |7.0.1.260 |0 |Normal |3 |C:\Program Files\Apoint2K | |4104|SASPlanet.exe | | |0 |Normal |5 |D:\Quest.ENCOUNTER.MQUEST\Все карты установка\SASPlanet| |4148|qip.exe |Quiet Internet Pager |8.0.9.5 |0 |Normal |12 |C:\Program Files\QIP | |4236|Skype.exe |Skype |5.3.0.111 |0 |Normal |44 |C:\Program Files\Skype\Phone | |5012|wuauclt.exe |Windows Update |7.4.7600.226 |0 |Normal |2 |C:\Windows\system32 | |5256|SearchFilterHost.exe |Microsoft Windows Search Filter Host |7.0.6002.18005|0 |Low |3 |C:\Windows\system32 | |5264|SearchProtocolHost.exe |Microsoft Windows Search Protocol Host |7.0.6002.18005|0 |Low |6 | | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Assembler Information: ------------------------------------------------------------ 00401F12 mov eax, esi 00401F14 pop edi 00401F15 pop esi 00401F16 pop ebx 00401F17 ret 00401F18 pop ebx 00401F19 test eax, eax 00401F1B jns -$000005D5 00401F21 xor eax, eax 00401F23 ret 00401F24 mov edx, [eax-$04] ; <-- EXCEPTION 00401F27 test dl, $07 00401F2A mov ecx, eax 00401F2C push ebx 00401F2D mov bl, byte ptr [$86B04D] 00401F33 jnz +$000000E3 00401F39 test bl, bl 00401F3B mov ebx, [edx] 00401F3D jnz +$61 00401F3F sub dword ptr [edx+$0C], +$01 00401F43 mov eax, [edx+$08] Registers: ----------------------------- EAX: 00000000 EDI: 002F99E0 EBX: 00004005 ESI: 03732C10 ECX: 00000018 ESP: 0012FD90 EDX: 00000000 EIP: 00401F24 Stack: Memory Dump: ------------------ --------------------------------------------------------------------------- 0012FD90: 0052C339 00401F24: 8B 50 FC F6 C2 07 89 C1 53 8A 1D 4D B0 86 00 0F .P......S..M.... 0012FD94: 00000000 00401F34: 85 E3 00 00 00 84 DB 8B 1A 75 61 83 6A 0C 01 8B .........ua.j... 0012FD98: 00000000 00401F44: 42 08 74 2C 85 C0 89 4A 08 8D 40 01 89 41 FC 74 B.t,...J..@..A.t 0012FD9C: 00000000 00401F54: 07 31 C0 88 03 5B C3 90 8B 4B 04 89 5A 14 89 4A .1...[...K..Z..J 0012FDA0: 03732C10 00401F64: 04 89 51 14 89 53 04 C6 03 00 31 C0 5B C3 90 90 ..Q..S....1.[... 0012FDA4: 00000001 00401F74: 85 C0 74 13 8B 42 14 8B 4A 04 89 48 04 89 41 14 ..t..B..J..H..A. 0012FDA8: 0012FDCC 00401F84: 31 C0 39 53 10 75 03 89 43 0C 88 03 89 D0 8B 52 1.9S.u..C......R 0012FDAC: 0052E797 00401F94: FC 8A 1D 4D B0 86 00 E9 85 00 00 00 B8 00 01 00 ...M............ 0012FDB0: 03732C10 00401FA4: 00 F0 0F B0 23 74 94 F3 90 80 3D B9 B5 86 00 00 ....#t....=..... 0012FDB4: 002F99E0 00401FB4: 75 EA 51 52 6A 00 E8 C5 F5 FF FF 5A 59 B8 00 01 u.QRj......ZY... 0012FDB8: 00000000 00401FC4: 00 00 F0 0F B0 23 0F 84 6F FF FF FF 51 52 6A 0A .....#..o...QRj. 0012FDBC: 002F99E0 00401FD4: E8 AB F5 FF FF 5A 59 EB C3 90 90 90 B8 00 01 00 .....ZY......... 0012FDC0: 00000000 00401FE4: 00 F0 0F B0 25 1C B7 86 00 74 42 F3 90 80 3D B9 ....%....tB...=. 0012FDC4: 00000000 00401FF4: B5 86 00 00 75 E6 6A 00 E8 83 F5 FF FF B8 00 01 ....u.j......... 0012FDC8: 00000000 00402004: 00 00 F0 0F B0 25 1C B7 86 00 74 21 6A 0A E8 6D .....%....t!j..m 0012FDCC: 0012FE30 00402014: F5 FF FF EB C7 90 90 90 F6 C2 05 0F 85 E7 00 00 ................